Discuss this help topic in SecureBlackbox Forum



Filter: C#/Java  VB.NET  Pascal  C++  PHP  

Specifies whether to check the SubjectName.CommonName if SubjectAltName extension is present.


    bool SkipSubjectNameIfAltNameExists;

    Property SkipSubjectNameIfAltNameExists As Boolean

    property SkipSubjectNameIfAltNameExists : boolean;

    bool get_IgnoreCAKeyUsage();
    void set_IgnoreCAKeyUsage(bool Value);

    bool get_IgnoreCAKeyUsage()
    void set_IgnoreCAKeyUsage(bool $Value)


    The RFC 6125 requires that SubjectAltName (SAN) extension should be checked if it is present, and if it is, then SubjectName.CommonName (CN) should not be checked. This contradicts to some existing certificates where, for instance, a.com is put in CN and www.a.com is put to SAN. Therefore, the new behavior is the default option in SecureBlackbox, which can be disabled if the old way of checking both SAN and CN is needed. The default value is True.

Discuss this help topic in SecureBlackbox Forum